A vulnerability was discovered in Mailman, which allows
a remote directory traversal exploit using URLs of the form
".../....///" to access private Mailman configuration data.
The vulnerability lies in the Mailman/Cgi/private.py file.
Updated packages correct this issue.